Android Security Researcher

Description:

Company Overview:

Cellebrite’s (Nasdaq: CLBT) mission is to enable its customers to protect and save lives, accelerate justice, and preserve privacy in communities around the world. Cellebrite is a global leader in Digital Intelligence solutions for the public and private sectors, empowering organizations to master the complexities of legally sanctioned digital investigations by streamlining intelligence processes. Trusted by thousands of leading agencies and companies globally, Cellebrite’s Digital Intelligence platform and solutions transform how customers collect, review, analyze, and manage investigative digital data in legally sanctioned investigations.

Position Overview:

As a talented researcher, you will be joining the industry’s leading digital intelligence Security Research Labs group. In this position you will be taking part and leading new projects in little-explored vulnerability research territories, producing world-unique capabilities to extract evidence from phones and other embedded devices. Recent phones (from burner phones to the latest flagships) are increasingly challenging from a forensics perspective, and involve hardware-backed encryption (FDE/FBE), secure boot chains (Verified Boot/dm-verity), evolving hardened SELinux policies, as well as adventures in ARM TrustZone secure worlds.

Key Responsibilities:

You will join Cellebrite’s digital intelligence Security Research Labs Group and be a part of a team of passionate researchers, dedicated to solving modern digital intelligence challenges, years ahead of others in the industry. Our world-class research results assist law enforcement by enabling lawful evidence extraction, and putting criminals behind bars, every day.

You are a security researcher who cares about the ethical use case for his/her work, and if the art of engineering and crafting a platform-wide native payload in a fragmented ecosystem of gaping variance is the kind of challenge you appreciate, you belong with us. We need your help to make the world a safer place.

Qualifications:

• Practical experience performing vulnerability research and exploitation, preferably in mobile or other modern environments, eg. Windows/Linux/iOS/MacOS
• Practical reverse engineering experience, preferably in ARM / TrustZone / Hypervisors
• Advantage: Cryptographic primitives and weaknesses
• Advantage: Advanced fuzzing
• Advantage: Offensive hardware research/board design
• Advantage: Experience dealing with modern memory corruption mitigations, such as PAC and MTE.